Certified Network Defender (CND) — Question 153
Which of the following is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic?
Answer options
- A. PSAD
- B. Hping
- C. NetRanger
- D. Nmap
Correct answer: A
Explanation
The correct answer is PSAD, which is specifically designed to analyze iptables logs on Windows systems for suspicious activities like port scans. Hping, NetRanger, and Nmap serve different purposes, such as network scanning and packet crafting, but do not focus on iptables log analysis.